Prior art digital wallets focus on financial transactions, attempting to replace current technologies of credit and debit cards and the like with mostly electronic commerce (e-commerce) and similar methods and devices. Likewise, security concerns for most digital wallet technologies are focused primarily on the transaction between the customer, merchant and banking institutions.
The term “digital wallet” is used loosely to describe a broad spectrum of methods and devices to perform electronic commerce (e-commerce). Digital wallets refer to software that resides on the consumer's personal computer (PC) or other web-enabled devices that enable a user to select a payment account digitally. Digital wallets require an internet connection. Conversely, electronic wallets refer to electronic methods to allow a user to select a payment account locally, on some physical electronic device. Most digital wallet technologies involve software that resides on the consumer's personal computer (PC) or other web-enabled devices. Most browsers now support digital wallets. Digital wallet software spans methods to improve consumer's ability to purchase goods and services from on-line e-retailers (the “transaction”) to methods to keep personal information private (the “security”).
Features and benefits to the consumer to purchase goods and services over internet based e-commerce are well known. However, many shortcomings have limited the use and acceptance of digital wallet software solutions as the technology migrates to mobile devices. The chief issue with mass consumer acceptance of “mobile money” solutions involves securing private information on the devices as well as securing authentication information during the transaction itself. As evident in recent reviews, digital wallet technologies on cell phones will be further challenged to fully secure mobile devices. Security holes within operating systems and firewalls have caused numerous false starts to an already skeptical consumer market. Even if security concerns can be overcome, the perception of the public to utilize cell phones that have open access via the internet is questionable. In this day of rampant identity theft, consumers are understandably cautious to embrace any technology that houses or transmits their private information over electronic mediums without “assured security.”
Various methods have been used to secure financial transactions over the internet including encrypting the information stored locally on a device as well as the information transmitted to merchants and on to banking institutions. Since encryption alone does not solve the issue of authenticating, that is, is the individual making the purchase is indeed the individual qualified to make the purchase (e.g. the “card holder”), various methods to “authenticate” the user have arisen, such as biometrics. “End-to-end” biometric authentication is great for a long-term solution (once all security issues are fully addressed to the satisfaction of consumers), but does nothing for the current paradigm of magnetic stripe credit and payment cards that are so prevalent in society. Furthermore, a simple biometric key that authenticates with a server in the cloud does nothing to address hacking of the device and using the captured bio-key improperly “remotely” over the internet.